AbuseIPDB » 3.138.110.218
3.138.110.218
This IP was reported 5 times. Confidence of
Abuse
is 38% : ?
ISP
Amazon Technologies Inc.
Usage Type
Data Center/Web Hosting/Transit
ASN
AS16509
Hostname(s)
ec2-3-138-110-218.us-east-2.compute.amazonaws.com
Domain Name
amazon.com
Country
๐บ๐ธ
United States of America
City
Columbus, Ohio
IP info including ISP, Usage Type, and Location provided
by IPInfo . Updated weekly.
IP Abuse Reports for 3.138.110.218 :
This IP address has been reported a total of
5
times from
5 distinct
sources.
3.138.110.218 was first reported on
June 18th 2026 , and the most recent report was
1 day ago
Recent Reports:
We have received reports of abusive activity from this IP address within the last week. It is
potentially still actively engaged in abusive activities.
Reporter
IoA Timestamp (UTC)
Comment
Categories
2026-06-19 01:43:15
(1 day ago)
2026-06-19T02:43:14.257374+01:00 vps kernel: [43573546.513085] [PORTSCAN DETECTED] IN=ens3 OUT= MAC= ...
show more
2026-06-19T02:43:14.257374+01:00 vps kernel: [43573546.513085] [PORTSCAN DETECTED] IN=ens3 OUT= MAC=fa:16:3e:66:f6:24:02:37:19:0d:c2:f3:08:00 SRC=3.138.110.218 DST=54.37.14.118 LEN=60 TOS=0x00 PREC=0x00 TTL=50 ID=49366 DF PROTO=TCP SPT=35220 DPT=2077 WINDOW=62727 RES=0x00 SYN URGP=0
...
show less
Port Scan
Brute-Force
๐ท๐ธ
Scan
2026-06-19 00:48:36
(1 day ago)
MultiHost/MultiPort Probe, Scan, Hack -
Port Scan
Hacking
๐บ๐ธ
itsnixk
2026-06-19 00:08:29
(1 day ago)
(mod_security) mod_security (id:920350) triggered by 3.138.110.218 (US/United States/ec2-3-138-110-2 ...
show more
(mod_security) mod_security (id:920350) triggered by 3.138.110.218 (US/United States/ec2-3-138-110-218.us-east-2.compute.amazonaws.com): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Thu Jun 18 20:08:23.532906 2026] [security2:error] [pid 550611:tid 550695] [client 3.138.110.218:49984] ModSecurity: Access denied with code 406 (phase 1). Pattern match "(?:^([\\\\d.]+|\\\\[[\\\\da-f:]+\\\\]|[\\\\da-f:]+)(:[\\\\d]+)?$)" at REQUEST_HEADERS:Host. [file "/etc/modsecurity.d/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "773"] [id "920350"] [msg "Host header is a numeric IP address"] [redacted] [severity "WARNING"] [ver "OWASP_CRS/4.26.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL-ENFORCEMENT"] [tag "capec/1000/210/272"] [redacted] [uri "/.aws/config"] [unique_id "ajSId3bNzTAJaTJ6CXQjMAAAAAE"]
show less
Port Scan
๐บ๐ธ
TPI-Abuse
2026-06-18 16:59:16
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 3.138.110.218 (ec2-3-138-110-218.us-east-2.comp ...
show more
(mod_security) mod_security (id:210492) triggered by 3.138.110.218 (ec2-3-138-110-218.us-east-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 12:59:11.496909 2026] [security2:error] [pid 24108:tid 24108] [client 3.138.110.218:43488] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.96"] [uri "/.git/index"] [unique_id "ajQj38CVUnl96AqAtBpeawAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
iNetWorker
2026-06-18 12:53:28
(2 days ago)
trying to access non-authorized port
Port Scan
Showing 1 to
5
of 5 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown ๐ฉ
Recently Reported IPs: